Creating a User
Executing this guide as the root user should be avoided. Instead, create a new dedicated user to manage your bridgechain and grant him sudo privileges. On your server, type the following into the command line and press enter:
1adduser <username>
Username
is the new name you want to use. Moving forward in our examples we’ll use username bridgechain
but if can be customized to your preferred choice.
1adduser bridgechain
You will see:
1Adding user 'bridgechain' ...2Adding new group 'bridgechain' (1000) ...3Adding new user 'bridgechain' (1000) with group 'bridgechain' ...4Creating home directory '/home/bridgechain' ...5Copying files from '/etc/skel' ...6Enter new UNIX password:
You will need to enter a user password and confirm it by entering the same password again. Make sure it’s long and secure. After that, you will be prompted to enter the new user’s full name and some other information. As they are optional, feel free to leave them all blank by continuing to press Enter
.
You will see:
1passwd: password updated successfully2Changing the user information for bridgechain3Enter the new value, or press ENTER for the default4 Full Name []:5 Room Number []:6 Work Phone []:7 Home Phone []:8 Other []:9Is the information correct? [Y/n]
When prompted to confirm, type Y
and press Enter
to finish.
Granting New User Sudo Privileges
Now that a new user is added, we need to give them sudo privileges so the new user can execute administrative functions.
1usermod -a -G sudo bridgechain
The username is bridgechain
in our example.
Now, our server is configured and ready to accept the bridgechain installation script, aside from any security precautions you should take with your new server such as disabling root access, SSH using keyPairs, custom SSH port, port knocking, fail2ban, or DDoS protection.
Securing the Servers
The documentation for securing an ARK Public Network or Devnet node also applies for launching a bridgechain. This is important because the genesis node must be protected as much as possible from attack if live delegates aren’t available yet. Review security precautions here. Moreover, it is strongly advised to destroy genesis delegate passphrases on the genesis node when your network attains proper stability after live delegates step in.